Install Samba and the required services.
apt install samba
Stop the samba service
systemctl stop smbd.service
Add the windows server discovery service - so you can find stuff on the network
apt install wsdd-server
First we will create a samba user and set a password for Windows users to authenticate. If we want multiple users we can repeat this process.
adduser --disabled-login smbuser adduser --disabled-login smbadmin smbpasswd -a smbuser smbpasswd -a smbadmin
Now we will create a group to assign to the various shares we are going to create for admin access (read write)
groupadd -g 10000 smbadmins
We now need to add the users into this group.
usermod -a -G smbadmins smbadmin
We can also add sysadmin to this group to give it samba RW permissions
usermod -a -G smbadmins sysadmin
Now we need to create the share directory and set its permissions.
chown -R smbadmin:smbadmins /path/to/your/share
Change the file permissions
chmod -R 2775 /path/to/your/share
This will set the group sticky bit so that new files / folder will inherit group permissions.
Modify smb.conf
sudo nano /etc/samba/smb.conf
[global] workgroup = SCOTTWORLD server string = %h server (Samba, Ubuntu) log file = /var/log/samba/log.%m max log size = 1000 logging = file panic action = /usr/share/samba/panic-action %d server role = standalone server obey pam restrictions = yes map to guest = bad user #========== HIT samba over the head, to disable printing ========= load printers = no show add printer wizard = no printcap name = /dev/null disable spoolss = yes #======================= Share Definitions ======================= [software] path = /srv/data/software guest ok = no guest only = no read only = yes write list = @smbadmins force group = smbadmins create mask = 0775 directory mask = 2775 [media] path = /srv/media guest ok = no guest only = no read only = yes write list = @smbadmins force group = plex force user = plex create mask = 0775 directory mask = 2775 [torrents] path = /srv/backup/torrents guest ok = no guest only = no read only = yes write list = @smbadmins force group = debian-transmission force user = smbadmin create mask = 0775 directory mask = 2775 [www] path = /srv/data/www guest ok = no guest only = no read only = no write list = @smbadmins, smbuser force group = www-data force user = www-data create mask = 0775 directory mask = 2775 [backup] path = /srv/backup guest ok = no guest only = no read only = yes write list = @smbadmins force group = smbadmins create mask = 0770 directory mask = 2770 [documents] path = /srv/data/documents guest ok = no guest only = no read only = yes write list = @smbadmins force group = smbadmins create mask = 0775 directory mask = 2775 [drop] path = /srv/data/drop guest ok = no guest only = no read only = no write list = @smbadmins,smbuser force group = smbadmins create mask = 0775 directory mask = 2775
You can run a testparm command to check the samba configuration.
testparm
Then restart the samba service.
systemctl start smbd.service